CN117874144B - Medical data sharing method, device, equipment and storage medium based on blockchain - Google Patents

Medical data sharing method, device, equipment and storage medium based on blockchain Download PDF

Info

Publication number
CN117874144B
CN117874144B CN202410269052.2A CN202410269052A CN117874144B CN 117874144 B CN117874144 B CN 117874144B CN 202410269052 A CN202410269052 A CN 202410269052A CN 117874144 B CN117874144 B CN 117874144B
Authority
CN
China
Prior art keywords
data
structure sub
target
attribute
piece
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410269052.2A
Other languages
Chinese (zh)
Other versions
CN117874144A (en
Inventor
赵风浩
任锋
罗永强
李江
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xikang Software Co ltd
Original Assignee
Xikang Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xikang Software Co ltd filed Critical Xikang Software Co ltd
Priority to CN202410269052.2A priority Critical patent/CN117874144B/en
Publication of CN117874144A publication Critical patent/CN117874144A/en
Application granted granted Critical
Publication of CN117874144B publication Critical patent/CN117874144B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H40/00ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/20ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the management or administration of healthcare resources or facilities, e.g. managing hospital staff or surgery rooms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • General Business, Economics & Management (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Public Health (AREA)
  • Signal Processing (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Biomedical Technology (AREA)
  • Primary Health Care (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Epidemiology (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

The invention provides a medical data sharing method, device and equipment based on a blockchain and a storage medium, and relates to the technical field of data processing. The method comprises the following steps: acquiring medical data uploaded by a first node in a block chain; carrying out structuring treatment on the medical data to obtain structured data in a preset format; encrypting each piece of structure sub-data in the structured data respectively, and storing each piece of encrypted structure sub-data to obtain a storage position of each piece of encrypted structure sub-data; extracting data abstracts corresponding to the plurality of pieces of structure sub-data, and encrypting storage positions and the data abstracts of the plurality of pieces of structure sub-data respectively according to the attribute corresponding to each piece of structure sub-data, the key of the medical data and the key of the first node; and storing the encrypted storage position, the data abstract and the attributes of the plurality of pieces of structure sub-data into corresponding blocks in the block chain so as to share medical data. The invention can improve the efficiency of medical data searching and sharing.

Description

Medical data sharing method, device, equipment and storage medium based on blockchain
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a medical data sharing method, apparatus, device and storage medium based on blockchain.
Background
With the development of medical health and the development of medical data informatization, medical data sharing and exchange are carried out among various hospitals, so that doctors can be promoted to better develop work, and high-quality medical services are provided for patients.
The related medical data is mainly shared by uploading the medical data to a blockchain, wherein each hospital or medical institution corresponds to one node respectively, and the sharing among the nodes can be realized by the blockchain mode. However, this method can upload the medical data of the patient to the nodes in the blockchain, and as the amount of the uploaded data increases, the searching pressure increases when searching for the medical data, and it is difficult to quickly acquire the desired medical data; moreover, due to the characteristic of bloated medical data, if all the medical data are uploaded in large segments, the amount of the uploaded data is further increased, and the efficiency of medical data searching and medical data sharing is affected.
Disclosure of Invention
The embodiment of the invention provides a medical data sharing method, device, equipment and storage medium based on a blockchain, so as to improve the efficiency of medical data searching and medical data sharing.
In a first aspect, an embodiment of the present invention provides a medical data sharing method based on a blockchain, including:
Acquiring medical data uploaded by a first node in a block chain;
Carrying out structuring treatment on the medical data to obtain structured data in a preset format; wherein the structured data comprises a plurality of pieces of structure sub-data and attributes of each piece of structure sub-data;
Encrypting each piece of structure sub data respectively, and storing each piece of encrypted structure sub data to obtain a storage position of each piece of encrypted structure sub data;
extracting data summaries corresponding to the plurality of pieces of structure sub-data, and encrypting storage positions and the data summaries of the plurality of pieces of structure sub-data according to the attribute corresponding to each piece of structure sub-data, the secret key of the medical data and the secret key of the first node;
and storing the encrypted storage position, the data abstract and the attributes of the plurality of pieces of structure sub-data into corresponding blocks in the block chain so as to share medical data.
In one possible implementation, the method further includes:
Acquiring a data sharing request sent by a second node in the blockchain, wherein the data sharing request comprises a target attribute of target medical data expected to be acquired by the second node, a block corresponding to the target medical data, a secret key of the second node and a secret key corresponding to the target medical data;
Acquiring an encrypted storage position corresponding to the target attribute from a block corresponding to the target medical data according to the target attribute in the data sharing request;
Decrypting a storage position corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute to obtain a corresponding decryption result;
and determining shared data according to the decryption result, and returning the shared data to the second node.
In one possible implementation manner, the encrypting the storage locations and the data digests of the plurality of pieces of structure sub-data according to the attribute corresponding to each piece of structure sub-data, the key of the medical data and the key of the first node includes:
Determining the sensitivity corresponding to each piece of structure sub-data according to the attribute corresponding to each piece of structure sub-data;
Grouping the plurality of structural sub-data according to the sensitivity to obtain a plurality of data groups, wherein the data groups correspond to the sensitivity ranges one by one, and the sensitivity corresponding to the plurality of structural sub-data in one data group is positioned in the sensitivity range of the data group;
determining the storage position of each piece of structure sub-data and the encryption mode of the data abstract according to the data group corresponding to each piece of structure sub-data;
And encrypting the storage position and the data abstract of each piece of the structure sub-data based on the encryption mode of each piece of the structure sub-data, the key of the medical data and the key of the first node.
In one possible implementation manner, the determining, according to the data group corresponding to each piece of structure bar data, the encryption manner of the storage location and the data summary of each piece of structure bar data includes:
respectively determining an initial encryption mode of each data group, wherein the initial encryption modes corresponding to each data group are different;
according to the initial encryption mode of the data group with the lowest sensitivity range, the initial encryption modes of the rest data groups are adjusted, and the adjusted encryption modes of the rest data groups are obtained;
And respectively determining the storage position of each structure sub-data in each data group and the encryption mode of the data abstract according to the initial encryption mode of the data group with the lowest sensitivity range and the encryption modes after the adjustment of the rest data groups.
In one possible implementation, the target attribute includes at least one attribute;
before decrypting the storage location corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute, the method further includes:
Determining a target sensitivity range corresponding to each attribute in the target attributes, and determining whether each target sensitivity range is a preset lowest sensitivity range;
and stopping the operation if each target sensitivity range is not the preset lowest sensitivity range.
In one possible implementation manner, the decrypting the storage location corresponding to the target attribute according to the key of the second node, the key of the target medical data, and the target attribute includes:
Decrypting a storage position corresponding to an attribute with a preset lowest sensitivity range in the target attributes;
if the corresponding storage position decryption fails in the attribute of the preset lowest sensitivity range, determining that decryption results corresponding to all the attributes in the target attribute are decryption failure;
if the storage positions corresponding to all the attributes of the preset minimum sensitivity range are successfully decrypted, continuing to decrypt the storage addresses corresponding to the attributes of the other sensitivity ranges;
If the storage positions corresponding to the attributes in the same sensitivity range fail to decrypt, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is decryption failure;
If the storage positions corresponding to the attributes in the same sensitivity range are successfully decrypted, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is successful.
In one possible implementation manner, the determining shared data according to the decryption result and returning the shared data to the second node includes:
Reorganizing all structure sub-data corresponding to the decrypted attribute to obtain shared data;
temporarily storing the shared data to a new storage address;
And sending the shared data to the second node through the new storage address, and deleting the shared data in the new storage address after preset time.
In a second aspect, an embodiment of the present invention provides a blockchain-based medical data sharing device, including:
The acquisition module is used for acquiring medical data uploaded by a first node in the blockchain;
The processing module is used for carrying out structuring processing on the medical data to obtain structured data in a preset format; wherein the structured data comprises a plurality of pieces of structure sub-data and attributes of each piece of structure sub-data;
the storage module is used for encrypting each piece of structure sub-data respectively and storing each piece of encrypted structure sub-data to obtain the storage position of each piece of encrypted structure sub-data;
The encryption module is used for extracting data summaries corresponding to the plurality of pieces of structure sub-data, and encrypting storage positions and the data summaries of the plurality of pieces of structure sub-data according to the attribute corresponding to each piece of structure sub-data, the key of the medical data and the key of the first node;
And the sharing module is used for storing the encrypted storage position and the data abstract and the attributes of the plurality of pieces of structure sub-data to the corresponding blocks in the block chain so as to share the medical data.
In a third aspect, an embodiment of the present invention provides an electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the method as described above in the first aspect or any one of the possible implementations of the first aspect when the computer program is executed.
In a fourth aspect, embodiments of the present invention provide a computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method as described above in the first aspect or any one of the possible implementations of the first aspect.
Compared with the prior art, the embodiment of the invention has the beneficial effects that:
According to the embodiment of the invention, the medical data can be converted into the structured data with the preset format by carrying out the structuring treatment on the medical data, so that the medical data is split into a plurality of pieces of structure sub-data with different attributes; by respectively encrypting and storing each piece of structure sub-data and uploading the storage position of the structure sub-data to the blockchain, the problem of large-section uploading of medical data can be avoided, the condition of bloated medical data is reduced, the data volume of medical data uploading is reduced, and therefore the sharing efficiency of the medical data is improved; through storing and uploading each piece of structure sub-data, each piece of structure sub-data can be searched and shared, so that the searching efficiency of medical data is improved, the whole medical data is not required to be shared, the sharing can be carried out pertinently, and the sharing efficiency of the medical data is further improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments or the description of the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is an application scenario diagram of a blockchain-based medical data sharing method provided by an embodiment of the present invention;
FIG. 2 is a flow chart of an implementation of a blockchain-based medical data sharing method provided by an embodiment of the invention;
FIG. 3 is a schematic diagram of structural sub-data provided by an embodiment of the present invention;
FIG. 4 is a schematic diagram of a block chain based medical data sharing device according to an embodiment of the present invention;
Fig. 5 is a schematic diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the following description will be made by way of specific embodiments with reference to the accompanying drawings.
Sharing of medical data by blockchain is typically accomplished by forming a federated chain between multiple institutions through the blockchain, and by forming a consensus among the various institutions. In the application scenario diagram of the blockchain-based medical data sharing method shown in fig. 1, A, B, C, D, E and F in fig. 1 respectively represent a node (i.e., an organization), and each node is interconnected with other nodes to realize data sharing between the nodes.
The invention provides a medical data sharing method based on a blockchain, which can be seen in an implementation flow chart shown in fig. 2, and comprises the following steps:
Step S201, medical data uploaded by a first node in a blockchain is acquired;
In this embodiment, the first node may be a node that can generate medical data in a hospital, a medical institution, or the like. The medical data may include medical record data, prescription data, treatment data, physician information, patient information, and the like.
Step S202, carrying out structuring treatment on medical data to obtain structured data in a preset format; the structured data comprises a plurality of pieces of structure sub-data and attributes of each piece of structure sub-data;
Since the medical data includes various types of data, such as text, images, numerical values and the like, and the text also includes contents with various meanings, the medical data is uploaded as a whole, and accurate searching and sharing are difficult, the inventor considers splitting the medical data, and avoids storing a large section of uploaded medical data together.
In this embodiment, the medical data is structured, so that the medical data can be split into a plurality of pieces of structural sub-data, and the medical data is uploaded by uploading each piece of structural sub-data, so that a large section of medical data is prevented from being directly uploaded. Here, the split structural sub-data may be medical record data, prescription data, medication data, operation data, examination data, main doctor data, patient data, and the like, respectively; the method can also be further divided, and each piece of structure sub-data corresponds to the illness state, diagnosis data, medical advice, medication data, operation data, examination image data, examination sound data, numerical data, patient data, past history, personal history, main doctor data, treatment hospital data and the like of each treatment course respectively.
Optionally, in this embodiment, the medical data may be screened by using preset attributes, and the medical data corresponding to each attribute is determined, so as to implement structural processing of the medical data; the identification can be performed by the medical data, different structure sub-data are extracted from the medical data, and the attribute of each structure sub-data is determined by judging the structure sub-data.
Step S203, each piece of structure sub-data is encrypted respectively, and each piece of encrypted structure sub-data is stored to obtain a storage position of each piece of encrypted structure sub-data;
In this embodiment, each piece of structural sub-data is encrypted and stored separately, so that each piece of structural sub-data is not affected, a certain type of structural sub-data required can be obtained independently, medical data required to be transmitted in a sharing process is reduced, and therefore sharing efficiency of the medical data is improved.
Here, each piece of encrypted structure sub-data can be stored in the cloud storage corresponding to the alliance chain, all medical data is prevented from being directly uploaded to the blockchain, the data quantity required to be stored by each node in the blockchain is reduced, the pressure of searching medical data in the blockchain is reduced, the speed of searching medical data is improved, and therefore sharing efficiency is improved.
Step S204, extracting data summaries corresponding to the plurality of pieces of structure sub-data, and encrypting the storage positions and the data summaries of the plurality of pieces of structure sub-data according to the attribute corresponding to each piece of structure sub-data, the key of the medical data and the key of the first node;
step S205, storing the encrypted storage position and the data abstract and the attributes of the plurality of pieces of structure sub-data to corresponding blocks in the block chain so as to share the medical data.
In this embodiment, the data digests of the plurality of pieces of structure sub-data may be also extracted, and when the medical data sharing is performed, the integrity of each piece of structure sub-data may be verified through the data digests, so as to ensure the reliability of the shared medical data.
Here, the storage position and the data abstract of each piece of structure sub data are stored in the corresponding block in the blockchain after being encrypted, so that the storage position can be only stored in the blockchain, the situation that a large section of medical data is stored in the blockchain is avoided, the medical data required to be stored in the block of the blockchain is reduced, and the condition that the medical data is bloated is reduced.
And the storage positions of each piece of structure sub data are respectively uploaded to the block, so that the storage of each piece of structure sub data is not affected, and the storage address of the required structure sub data can be acquired, so that only the required structure sub data is downloaded, the whole medical data is prevented from being downloaded, and the medical data sharing efficiency can be improved.
According to the embodiment of the invention, the medical data can be converted into the structured data with the preset format by carrying out the structuring treatment on the medical data, so that the medical data is split into a plurality of pieces of structure sub-data with different attributes; by respectively encrypting and storing each piece of structure sub-data and uploading the storage position of the structure sub-data to the blockchain, the problem of large-section uploading of medical data can be avoided, the condition of bloated medical data is reduced, the data volume of medical data uploading is reduced, and therefore the sharing efficiency of the medical data is improved; through storing and uploading each piece of structure sub-data, each piece of structure sub-data can be searched and shared, so that the searching efficiency of medical data is improved, the whole medical data is not required to be shared, the sharing can be carried out pertinently, and the sharing efficiency of the medical data is further improved.
Optionally, the encrypting the storage locations and the data digests of the plurality of structural sub-data according to the attribute corresponding to each structural sub-data, the key of the medical data and the key of the first node may be:
Firstly, determining the sensitivity corresponding to each piece of structure sub-data according to the attribute corresponding to each piece of structure sub-data; secondly, grouping a plurality of pieces of structure sub-data according to the sensitivity to obtain a plurality of data groups, wherein the data groups correspond to the sensitivity ranges one by one, and the sensitivity corresponding to the plurality of pieces of structure sub-data in one data group is positioned in the sensitivity range of the data group; thirdly, determining the storage position of each piece of structure sub-data and the encryption mode of the data abstract according to the data group corresponding to each piece of structure sub-data; and finally, encrypting the storage position and the data abstract of each piece of the structure sub-data based on the encryption mode of each piece of the structure sub-data, the key of the medical data and the key of the first node.
In this embodiment, when encrypting the storage location and the data summary of each piece of structure sub-data, the storage locations and the data summaries of the structure sub-data with different sensitivities can be distinguished according to the sensitivities of the structure sub-data, and different encryption modes are adopted, so that when only one decryption mode is obtained, the other encrypted data can be decrypted, and by adopting different encryption modes, the security of different structure sub-data can be ensured, so that users with corresponding authorities can only obtain the corresponding structure sub-data. Meanwhile, the encryption mode is divided through sensitivity, so that sensitive information of a user or a patient can be protected at a high level, and hidden danger of information leakage is further reduced. The sensitivity may represent the sensitivity degree of the structural sub-data, or the sensitivity degree of the information corresponding to the attribute.
Here, since the constitution of the medical data is generally uniform, the attribute of the medical data, and the sensitivity corresponding to each attribute may be set in advance. The sensitivity can be selected as any number from 1 to 10, the illness state, diagnosis data, medical advice, medication data, operation data and the like of the treatment course contain less personal information, and the corresponding sensitivity is lower and can be expressed by 1,2, 3 or 4; the inspection image data, the inspection sound data, and the like may contain a picture photograph of an individual, and the like, and the sensitivity may be divided according to the information specifically contained, for example, the data containing the individual photograph may be represented by 5, 6, 7, or the like, and the data not involving the individual information may be represented by 1,2, 3, 4, or the like; the past history and the personal history of the patient also belong to data with higher sensitivity, and can be represented by 7 or 8 and the like; the personal information of the patient is highly sensitive data, and can be represented by 9 or 10. Or the sensitivity can be corresponding to the value of the data, the sensitivity corresponding to the data with high value is high, and the sensitivity corresponding to the data with low value is low.
In addition, the sensitivity of the corresponding attribute may be determined by identifying the content of the structure sub-data.
Here, the sensitivity range may be preset based on consideration of the sensitivity of the attribute, and the sensitivity range may be divided according to the amount of the related sensitive information, for example, sensitivity 1-4 is a sensitivity range, sensitivity 5-6 is a sensitivity range, sensitivity 7-8 is a sensitivity range, and sensitivity 9-10 is a sensitivity range. Correspondingly, the storage positions of the structure sub-data in the sensitivity range 1-4 can be encrypted in the same way, and different keys or encryption functions can be selected when the storage positions and the data digests of each structure sub-data in the same sensitivity range are encrypted.
Optionally, determining, according to the data set corresponding to each piece of structural sub-data, the storage location of each piece of structural sub-data and the encryption mode of the data summary may be: firstly, respectively determining an initial encryption mode of each data group, wherein the initial encryption modes corresponding to each data group are different; then, according to the initial encryption mode of the data group with the lowest sensitivity range, the initial encryption modes of the rest data groups are adjusted, and the adjusted encryption modes of the rest data groups are obtained; and finally, respectively determining the storage position of each structure sub-data in each data group and the encryption mode of the data abstract according to the initial encryption mode of the data group with the lowest sensitivity range and the encryption modes after the adjustment of the rest data groups.
In this embodiment, since it is most important to share common medical data in which sensitive personal information is not involved, such as medication data and operation data, among medical data, when medical data is shared, structural sub-data having the lowest sensitivity must be acquired when shared medical data is acquired. Based on the above, the security of the structural sub-data containing the sensitive information can be increased by adjusting the initial encryption mode of the rest of the data sets by adopting the initial encryption mode of the data set with the lowest sensitivity range. And by adjusting the initial encryption mode of the rest data sets, only sharing of the structure sub-data containing the sensitive information can be avoided, the act of acquiring the sensitive information is screened out through the shared data, and the data security of the user is ensured.
Optionally, in this embodiment, the initial encryption manner of the remaining data sets is adjusted by adopting the initial encryption manner of the data set with the lowest sensitivity range, which may be that the initial encryption manner of the remaining data sets is transformed by the initial encryption manner of the data set with the lowest sensitivity range; or after the other data sets are encrypted by adopting an initial encryption mode, the data sets with the lowest sensitivity range are encrypted for the second time by adopting the initial encryption mode.
Optionally, medical data generated by the same user seeking medical services in different medical institutions may be identified with different anonymities, where the anonymity may be determined by the real name of the user and the medical institution seeking medical services, or may be determined by the real name of the user and the time when the user first seeks medical services in the medical institution.
In this embodiment, even if a user breaks a piece of medical data in one medical institution, the user protects the medical data in other medical institutions in different ways because the user uses different anonymities in the medical data generated in each medical institution, so that other medical data of the user is difficult to break synchronously, and still can be well protected. Different anonymities are used for protecting different medical data, so that the safety of the medical data can be further improved.
In addition, after the anonymity of the user in different medical institutions is determined, the encryption mode or the secret key of the medical data of the user in different medical institutions can be respectively determined according to the anonymity of the user in different medical institutions, so that the safety of the medical data is further ensured.
In one embodiment, the medical data sharing method based on blockchain provided in this embodiment may further include:
And acquiring a data sharing request sent by a second node in the blockchain, wherein the data sharing request comprises a target attribute of target medical data expected to be acquired by the second node, a block corresponding to the target medical data, and a key of the second node and a key corresponding to the target medical data.
And acquiring the encrypted storage position corresponding to the target attribute from the block corresponding to the target medical data according to the target attribute in the data sharing request.
And decrypting the storage position corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute to obtain a corresponding decryption result.
And determining the shared data according to the decryption result, and returning the shared data to the second node.
In this embodiment, the second node may be a node of a hospital, a medical institution, a institute, a patient, or a user himself or herself, which may perform medical data acquisition. The data sharing request comprises the target attribute expected to be acquired, the target attribute can be searched in the corresponding block, and only the storage position corresponding to the target attribute is acquired, so that only the structure sub-data expected to be acquired is acquired, the whole medical data is not required to be acquired, the data quantity transmitted during medical data sharing is reduced, and the medical data sharing efficiency is improved; meanwhile, the expected acquired data is matched with the actually acquired data, so that a process of screening again after acquiring the data is avoided.
Optionally, the target attribute comprises at least one attribute; before decrypting the storage location corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute, the method may further include: determining a target sensitivity range corresponding to each attribute in the target attributes, and determining whether each target sensitivity range is a preset lowest sensitivity range; if each target sensitivity range is not the preset lowest sensitivity range, stopping the operation.
In this embodiment, considering that when medical data sharing is performed, the common medical data in the medical data is mainly shared, and accordingly, the common medical data generally corresponds to a preset minimum sensitivity range, so that each attribute in the target attributes can be determined, if the target sensitivity range corresponding to each attribute in the target attributes is not the preset minimum sensitivity range, it is indicated that sharing of the common medical data is not performed, that is, the purpose of the data sharing is to obtain the sensitive data of the user, and the data sharing is likely to have a problem, so that the operation is stopped, and no subsequent data sharing action is performed, thereby protecting the safety of the medical data and reducing the possibility of leakage of the medical data and the sensitive data of the user.
The preset minimum sensitivity range here may be the minimum sensitivity range corresponding to the entire medical data, for example, the preset minimum sensitivity range may be 1-3 or 1-4.
Optionally, the decrypting, according to the key of the second node, the key of the target medical data, and the target attribute, the storage location corresponding to the target attribute may include:
And decrypting the storage position corresponding to the attribute with the lowest preset sensitivity range in the target attribute.
If the corresponding storage position decryption fails in the attribute of the preset lowest sensitivity range, determining that the decryption results corresponding to all the attributes in the target attribute are decryption failure.
If the storage positions corresponding to all the attributes of the preset minimum sensitivity range are successfully decrypted, the storage addresses corresponding to the attributes of the other sensitivity ranges are continuously decrypted.
If the storage positions corresponding to the attributes in the same sensitivity range fail to decrypt, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is decryption failure.
If the decryption of the storage positions corresponding to all the attributes in the same sensitivity range is successful, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is successful.
In this embodiment, the encryption mode of the preset minimum sensitivity range is the simplest among all storage locations, so that the storage location of the target attribute corresponding to the preset minimum sensitivity range can be decrypted first, if the decryption of the storage location corresponding to the preset minimum sensitivity range fails, it is indicated that the key of the second node and the key of the target medical data provided by the second node have a problem, and subsequent decryption is not needed.
When decrypting other sensitivity ranges, if decryption failure exists in the storage position corresponding to the attribute of the same sensitivity range, the key of the second node or the key of the target medical data authorized by the user may not have the authority of the sensitivity range, so that the decryption results of the attribute corresponding to the sensitivity range are all determined to be decryption failure, and leakage of the medical data is avoided; in addition, if decryption fails in the storage location corresponding to the attribute in the same sensitivity range, an attack may be received, and in order to ensure data security, the decryption result of the attribute corresponding to the sensitivity range may be determined as decryption failure.
If the decryption of the storage locations corresponding to all the attributes in the same sensitivity range is successful, the key of the second node and the key of the target medical data authorized by the user are not problematic, and the decryption of the storage locations can be realized, so that the decryption result is determined as successful decryption, and the corresponding structure sub-data is shared.
In one embodiment, determining the shared data according to the decryption result and returning the shared data to the second node may include:
Firstly, reorganizing all structural sub-data corresponding to the successfully decrypted attribute to obtain shared data; secondly, temporarily storing the shared data to a new storage address; and finally, sending the shared data to the second node through the new storage address, and deleting the shared data in the new storage address after the preset time.
In this embodiment, after decryption is successful, the structural sub-data obtained by decryption may be combined and reorganized, so that all the obtained structural sub-data are combined into a group of data, that is, data to be shared, thereby avoiding incomplete data sharing or failure of data sharing caused by batch transmission or interruption of data transmission during transmission.
Meanwhile, when sharing the shared data, the shared data can be stored in a new storage address, the data is shared through the new storage address, the problem that the shared data is traced is solved, and the safety of medical data storage is further ensured.
In one embodiment, the structuring of the medical data to obtain structured data in a preset format may include:
Splitting the medical data according to the image description data of the image data, the audio description data of the audio data and the text description data of the rest text data in the medical data to obtain a plurality of pieces of image sub-data and corresponding image description data, a plurality of pieces of audio sub-data and audio description data, and a plurality of rest text sub-data and text description data; wherein each piece of image sub-data, each piece of audio sub-data and each piece of text sub-data are respectively a piece of medical sub-data;
Extracting keywords of image description data, audio description data and text description data;
acquiring a plurality of candidate words of preset attributes stored in a block chain;
Respectively calculating first similarity between each keyword and each candidate word in each preset attribute;
Determining a second similarity of each keyword and each preset attribute according to the similarity between each keyword and the candidate word in the same preset attribute;
Determining a preset attribute with the maximum second similarity as an attribute of medical sub-data corresponding to the keyword;
And determining the structural sub-data corresponding to each attribute based on each attribute and the medical sub-data corresponding to each attribute to obtain the structural data in the preset format of the medical data.
In this embodiment, image description data, audio description data, text description data, and the like are all used to describe medical sub-data, which may be matched with preset attributes in the blockchain.
Because specific descriptions of image description data, audio description data and text description data of different medical institutions may be different, each preset attribute stored in the blockchain corresponds to a plurality of alternative words, so that the medical data and the corresponding preset attribute are matched, and the probability of unsuccessful matching is reduced.
When the medical data is structured, the medical data can be split, and the image data, the audio data and the text data in the medical data are split into a plurality of pieces of medical sub-data so as to be matched according to the attribute later; the keywords and the candidate words can be matched by determining the first similarity between the extracted keywords and each candidate word, and then the second similarity between each keyword and each preset attribute is determined by the first similarity between each keyword and the candidate word in each preset attribute, so that the keywords and the preset attributes can be matched, and the preset attributes corresponding to the keywords are determined. The greater the similarity, the more similar the description keyword and the preset attribute are, i.e. the more matched the keyword and the preset attribute are, based on this, the attribute corresponding to the keyword, i.e. the attribute of the medical sub-data corresponding to the keyword, can be determined.
The first similarity here may be determined by calculating euclidean distance or cosine similarity between the keyword and the candidate word, or the like. The second similarity may be an average value of the respective first similarities calculated under the same preset attribute; or selecting the first similarity with the largest value under the same preset attribute; or arranging the first similarity under the same preset attribute, selecting the largest first similarity with the preset number, and determining the second similarity.
Since there is a case where the image sub-data, the audio sub-data, and the text sub-data all belong to the same attribute, for example, two or three of them are included in one operation; and the situation that a plurality of pieces of image sub-data or a plurality of pieces of audio sub-data or a plurality of pieces of text sub-data belong to the same attribute exists, so that data integration can be performed according to medical sub-data corresponding to the same attribute, and the medical sub-data corresponding to the same attribute is integrated into one piece of structure sub-data, so that a plurality of attributes in the medical data and the structure sub-data corresponding to each attribute are obtained.
Here, in integrating the structural sub data, the structural sub data may be integrated according to the type of data, for example, arranged in the order of text sub data, image sub data, and audio sub data, or arranged in the time order, thereby combining the structural sub data.
According to the embodiment of the invention, the medical data can be converted into the structured data with the preset format by carrying out the structuring treatment on the medical data, so that the medical data is split into a plurality of pieces of structure sub-data with different attributes; by respectively encrypting and storing each piece of structure sub-data and uploading the storage position of the structure sub-data to the blockchain, the problem of large-section uploading of medical data can be avoided, the condition of bloated medical data is reduced, the data volume of medical data uploading is reduced, and therefore the sharing efficiency of the medical data is improved; through storing and uploading each piece of structure sub-data, each piece of structure sub-data can be searched and shared, so that the searching efficiency of medical data is improved, the whole medical data is not required to be shared, the sharing can be carried out pertinently, and the sharing efficiency of the medical data is further improved. When the storage position is encrypted, different encryption modes can be adopted according to the sensitivity range corresponding to the structural sub-data, so that the safety of the different structural sub-data can be ensured, a user with corresponding authority can only acquire the corresponding structural sub-data, and the hidden danger of information leakage is reduced; and the initial encryption mode of the rest data sets is adjusted according to the initial encryption mode of the data set with the lowest sensitivity range, so that only sharing of the structure sub-data containing the sensitive information can be avoided, the action of acquiring the sensitive information through screening the shared data is further ensured, and the data security of the user is further ensured. The embodiment of the invention also acquires the data sharing request sent by the second node, acquires the encrypted storage position corresponding to the target attribute from the block corresponding to the target medical data according to the target attribute in the data sharing request, decrypts the encrypted storage position, realizes the sharing of the medical data, can only acquire the structure sub-data which is expected to be acquired, does not need to acquire the whole medical data, reduces the data quantity transmitted during the sharing of the medical data, and improves the efficiency of the sharing of the medical data. When decrypting the encrypted storage position, determining a target sensitivity range corresponding to the target attribute, and stopping operation if each target sensitivity range is not a preset minimum sensitivity range, so that the behavior of only acquiring sensitive data of a user is avoided, and the safety of medical data is protected; meanwhile, the decryption conditions of the storage positions corresponding to the attributes in the same sensitivity range are determined, if decryption failure exists, the decryption result of the attribute corresponding to the sensitivity range in the target attribute is determined to be the decryption failure, the medical data is prevented from being attacked and revealed, and the safety of the medical data is further ensured.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic, and should not limit the implementation process of the embodiment of the present invention.
The following are device embodiments of the invention, for details not described in detail therein, reference may be made to the corresponding method embodiments described above.
Fig. 4 is a schematic structural diagram of a medical data sharing device based on a blockchain, which is provided in an embodiment of the present invention, and for convenience of explanation, only a portion related to the embodiment of the present invention is shown, and the details are as follows:
as shown in fig. 4, the blockchain-based medical data sharing device 40 includes:
an obtaining module 41, configured to obtain medical data uploaded by a first node in the blockchain;
The processing module 42 is configured to perform a structuring process on the medical data to obtain structured data in a preset format; the structured data comprises a plurality of pieces of structure sub-data and attributes of each piece of structure sub-data;
The storage module 43 is configured to encrypt each piece of structure sub-data, and store each piece of encrypted structure sub-data to obtain a storage location of each piece of encrypted structure sub-data;
the encryption module 44 is configured to extract data digests corresponding to the plurality of pieces of structure sub-data, and encrypt storage locations and data digests of the plurality of pieces of structure sub-data according to attributes corresponding to each piece of structure sub-data, and a key of the medical data and a key of the first node;
The sharing module 45 is configured to store the encrypted storage location and the data summary, and the attributes of the plurality of pieces of structural sub-data to corresponding blocks in the blockchain for sharing medical data.
In one possible implementation, the blockchain-based medical data sharing device 40 further includes:
The obtaining module 41 is further configured to obtain a data sharing request sent by the second node in the blockchain, where the data sharing request includes a target attribute of target medical data that the second node desires to obtain and a block corresponding to the target medical data, and a key of the second node and a key corresponding to the target medical data;
The searching module is used for acquiring an encrypted storage position corresponding to the target attribute from a block corresponding to the target medical data according to the target attribute in the data sharing request;
The decryption module is used for decrypting the storage position corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute to obtain a corresponding decryption result;
the sharing module 45 is configured to determine the shared data according to the decryption result, and return the shared data to the second node.
In one possible implementation, the encryption module 44 is specifically configured to:
Determining the sensitivity corresponding to each piece of structure sub-data according to the attribute corresponding to each piece of structure sub-data;
Grouping the plurality of structural sub-data according to the sensitivity to obtain a plurality of data groups, wherein the data groups correspond to the sensitivity ranges one by one, and the sensitivity corresponding to the plurality of structural sub-data in one data group is positioned in the sensitivity range of the data group;
determining the storage position of each piece of structure sub-data and the encryption mode of the data abstract according to the data group corresponding to each piece of structure sub-data;
And encrypting the storage position and the data abstract of each piece of structure sub-data based on the encryption mode of each piece of structure sub-data, the key of the medical data and the key of the first node.
In one possible implementation, the encryption module 44 is specifically configured to:
respectively determining an initial encryption mode of each data group, wherein the initial encryption modes corresponding to each data group are different;
According to the initial encryption mode of the data group with the lowest sensitivity range, the initial encryption mode of the rest data groups is adjusted, and the adjusted encryption mode of the rest data groups is obtained;
And respectively determining the storage position of each structure sub-data in each data group and the encryption mode of the data abstract according to the initial encryption mode of the data group with the lowest sensitivity range and the encryption modes after the adjustment of the rest data groups.
In one possible implementation, the target attribute includes at least one attribute;
The decryption module is further configured to:
determining a target sensitivity range corresponding to each attribute in the target attributes, and determining whether each target sensitivity range is a preset lowest sensitivity range;
If each target sensitivity range is not the preset lowest sensitivity range, stopping the operation.
In one possible implementation, the decryption module is specifically configured to:
decrypting a storage position corresponding to an attribute with a preset lowest sensitivity range in the target attributes;
If the corresponding storage position decryption fails in the attribute of the preset lowest sensitivity range, determining that decryption results corresponding to all the attributes in the target attribute are decryption failure;
if the storage positions corresponding to all the attributes of the preset minimum sensitivity range are successfully decrypted, continuing to decrypt the storage addresses corresponding to the attributes of the other sensitivity ranges;
If the storage positions corresponding to the attributes in the same sensitivity range fail to decrypt, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is decryption failure;
if the storage positions corresponding to the attributes in the same sensitivity range are successfully decrypted, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is successful.
In one possible implementation, the sharing module 45 is specifically configured to:
Reorganizing all the structure sub-data corresponding to the decrypted attribute to obtain the data to be shared;
randomly filling data to be shared to obtain shared data;
temporarily storing the shared data to a new storage address;
and sending the shared data to the second node through the new storage address, and deleting the shared data in the new storage address after the preset time.
Fig. 5 is a schematic diagram of an electronic device according to an embodiment of the present invention. As shown in fig. 5, the electronic device 50 of this embodiment includes: a processor 51, a memory 52 and a computer program 53 stored in the memory 52 and executable on the processor 51. The steps of the various blockchain-based medical data sharing method embodiments described above, such as steps S201 through S205 shown in fig. 1, are implemented when the processor 51 executes the computer program 53. Or the processor 51 when executing the computer program 53 performs the functions of the modules of the above-described embodiments of the apparatus, such as the functions of the modules 41 to 45 shown in fig. 4.
By way of example, the computer program 53 may be divided into one or more modules/units, which are stored in the memory 52 and executed by the processor 51 to complete the present invention. One or more of the modules/units may be a series of computer program instruction segments capable of performing particular functions for describing the execution of the computer program 53 in the electronic device 50. For example, the computer program 53 may be split into modules 41 to 45 shown in fig. 4.
The electronic device 50 may include, but is not limited to, a processor 51, a memory 52. It will be appreciated by those skilled in the art that fig. 5 is merely an example of electronic device 50 and is not intended to limit electronic device 50, and may include more or fewer components than shown, or may combine certain components, or different components, e.g., an electronic device may also include an input-output device, a network access device, a bus, etc.
The Processor 51 may be a central processing unit (Central Processing Unit, CPU), other general purpose Processor, digital signal Processor (DIGITAL SIGNAL Processor, DSP), application SPECIFIC INTEGRATED Circuit (ASIC), field-Programmable gate array (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic device, discrete gate or transistor logic device, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 52 may be an internal storage unit of the electronic device 50, such as a hard disk or a memory of the electronic device 50. The memory 52 may also be an external storage device of the electronic device 50, such as a plug-in hard disk provided on the electronic device 50, a smart memory card (SMART MEDIA CARD, SMC), a Secure Digital (SD) card, a flash memory card (FLASH CARD), or the like. Further, the memory 52 may also include both internal and external storage units of the electronic device 50. The memory 52 is used to store computer programs and other programs and data required by the electronic device. The memory 52 may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, the specific names of the functional units and modules are only for distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus/electronic device and method may be implemented in other manners. For example, the apparatus/electronic device embodiments described above are merely illustrative, e.g., the division of modules or units is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated modules/units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the steps of each method embodiment described above may be implemented. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, executable files or in some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth.
The above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and are intended to be included in the scope of the present invention.

Claims (6)

1. A blockchain-based medical data sharing method, comprising:
Acquiring medical data uploaded by a first node in a block chain;
Carrying out structuring treatment on the medical data to obtain structured data in a preset format; wherein the structured data comprises a plurality of pieces of structure sub-data and attributes of each piece of structure sub-data;
Encrypting each piece of structure sub data respectively, and storing each piece of encrypted structure sub data to obtain a storage position of each piece of encrypted structure sub data;
extracting data summaries corresponding to the plurality of pieces of structure sub-data, and encrypting storage positions and the data summaries of the plurality of pieces of structure sub-data according to the attribute corresponding to each piece of structure sub-data, the secret key of the medical data and the secret key of the first node;
Storing the encrypted storage position, the data abstract and the attributes of the plurality of pieces of structure sub-data to corresponding blocks in the block chain so as to share medical data;
the method further comprises the steps of:
Acquiring a data sharing request sent by a second node in the blockchain, wherein the data sharing request comprises a target attribute of target medical data expected to be acquired by the second node, a block corresponding to the target medical data, a secret key of the second node and a secret key corresponding to the target medical data;
Acquiring an encrypted storage position corresponding to the target attribute from a block corresponding to the target medical data according to the target attribute in the data sharing request;
Decrypting a storage position corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute to obtain a corresponding decryption result;
Determining shared data according to the decryption result, and returning the shared data to the second node;
The encrypting the storage locations and the data digests of the plurality of pieces of structure sub-data according to the attribute corresponding to each piece of structure sub-data, the secret key of the medical data and the secret key of the first node respectively comprises the following steps:
Determining the sensitivity corresponding to each piece of structure sub-data according to the attribute corresponding to each piece of structure sub-data;
Grouping the plurality of structural sub-data according to the sensitivity to obtain a plurality of data groups, wherein the data groups correspond to the sensitivity ranges one by one, and the sensitivity corresponding to the plurality of structural sub-data in one data group is positioned in the sensitivity range of the data group;
determining the storage position of each piece of structure sub-data and the encryption mode of the data abstract according to the data group corresponding to each piece of structure sub-data;
encrypting the storage position and the data abstract of each piece of structure sub-data based on the encryption mode of each piece of structure sub-data, the secret key of the medical data and the secret key of the first node;
the determining the storage position of each piece of structure sub-data and the encryption mode of the data abstract according to the data group corresponding to each piece of structure sub-data comprises the following steps:
respectively determining an initial encryption mode of each data group, wherein the initial encryption modes corresponding to each data group are different;
according to the initial encryption mode of the data group with the lowest sensitivity range, the initial encryption modes of the rest data groups are adjusted, and the adjusted encryption modes of the rest data groups are obtained;
According to the initial encryption mode of the data group with the lowest sensitivity range and the encryption mode adjusted by the rest data groups, the storage position of each structure sub-data in each data group and the encryption mode of the data abstract are respectively determined;
The step of adjusting the initial encryption modes of the rest of the data sets according to the initial encryption mode of the data set with the lowest sensitivity range to obtain the adjusted encryption modes of the rest of the data sets comprises the following steps:
Transforming the initial encryption modes of the rest of the data sets according to the initial encryption modes of the data sets with the lowest sensitivity range, and obtaining the adjusted encryption modes of the rest of the data sets;
or performing secondary encryption by adopting an initial encryption mode of the data group with the lowest sensitivity range after encrypting the rest of the data groups by adopting the initial encryption mode, so as to obtain an adjusted encryption mode of the rest of the data groups;
The target attribute includes at least one attribute;
before decrypting the storage location corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute, the method further includes:
Determining a target sensitivity range corresponding to each attribute in the target attributes, and determining whether each target sensitivity range is a preset lowest sensitivity range;
and stopping the operation if each target sensitivity range is not the preset lowest sensitivity range.
2. The blockchain-based medical data sharing method of claim 1, wherein decrypting the storage location corresponding to the target attribute based on the key of the second node, the key of the target medical data, and the target attribute includes:
Decrypting a storage position corresponding to an attribute with a preset lowest sensitivity range in the target attributes;
if the corresponding storage position decryption fails in the attribute of the preset lowest sensitivity range, determining that decryption results corresponding to all the attributes in the target attribute are decryption failure;
if the storage positions corresponding to all the attributes of the preset minimum sensitivity range are successfully decrypted, continuing to decrypt the storage addresses corresponding to the attributes of the other sensitivity ranges;
If the storage positions corresponding to the attributes in the same sensitivity range fail to decrypt, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is decryption failure;
If the storage positions corresponding to the attributes in the same sensitivity range are successfully decrypted, determining that the decryption result of the attribute corresponding to the sensitivity range in the target attribute is successful.
3. The blockchain-based medical data sharing method of claim 2, wherein the determining shared data according to the decryption result and returning the shared data to the second node includes:
Reorganizing all structure sub-data corresponding to the decrypted attribute to obtain shared data;
temporarily storing the shared data to a new storage address;
And sending the shared data to the second node through the new storage address, and deleting the shared data in the new storage address after preset time.
4. A blockchain-based medical data sharing device, comprising:
The acquisition module is used for acquiring medical data uploaded by a first node in the blockchain;
The processing module is used for carrying out structuring processing on the medical data to obtain structured data in a preset format; wherein the structured data comprises a plurality of pieces of structure sub-data and attributes of each piece of structure sub-data;
the storage module is used for encrypting each piece of structure sub-data respectively and storing each piece of encrypted structure sub-data to obtain the storage position of each piece of encrypted structure sub-data;
The encryption module is used for extracting data summaries corresponding to the plurality of pieces of structure sub-data, and encrypting storage positions and the data summaries of the plurality of pieces of structure sub-data according to the attribute corresponding to each piece of structure sub-data, the key of the medical data and the key of the first node;
the sharing module is used for storing the encrypted storage position and the data abstract and the attributes of the plurality of pieces of structure sub-data to the corresponding blocks in the block chain so as to share medical data;
The acquisition module is further used for acquiring a data sharing request sent by a second node in the blockchain, wherein the data sharing request comprises target attributes of target medical data expected to be acquired by the second node, blocks corresponding to the target medical data, and keys of the second node and keys corresponding to the target medical data;
The searching module is used for acquiring an encrypted storage position corresponding to the target attribute from a block corresponding to the target medical data according to the target attribute in the data sharing request;
The decryption module is used for decrypting the storage position corresponding to the target attribute according to the key of the second node, the key of the target medical data and the target attribute to obtain a corresponding decryption result;
the sharing module is used for determining shared data according to the decryption result and returning the shared data to the second node;
the encryption module is specifically used for:
Determining the sensitivity corresponding to each piece of structure sub-data according to the attribute corresponding to each piece of structure sub-data;
Grouping the plurality of structural sub-data according to the sensitivity to obtain a plurality of data groups, wherein the data groups correspond to the sensitivity ranges one by one, and the sensitivity corresponding to the plurality of structural sub-data in one data group is positioned in the sensitivity range of the data group;
determining the storage position of each piece of structure sub-data and the encryption mode of the data abstract according to the data group corresponding to each piece of structure sub-data;
Encrypting the storage position and the data abstract of each piece of structure sub-data based on the encryption mode of each piece of structure sub-data, the key of the medical data and the key of the first node;
the encryption module is specifically used for:
respectively determining an initial encryption mode of each data group, wherein the initial encryption modes corresponding to each data group are different;
According to the initial encryption mode of the data group with the lowest sensitivity range, the initial encryption mode of the rest data groups is adjusted, and the adjusted encryption mode of the rest data groups is obtained;
Determining the storage position of each structure sub-data in each data group and the encryption mode of the data abstract according to the initial encryption mode of the data group with the lowest sensitivity range and the encryption modes after the adjustment of the rest data groups;
the encryption module is specifically used for:
Transforming the initial encryption modes of the rest of the data sets according to the initial encryption modes of the data sets with the lowest sensitivity range, and obtaining the adjusted encryption modes of the rest of the data sets;
or performing secondary encryption by adopting an initial encryption mode of the data group with the lowest sensitivity range after encrypting the rest of the data groups by adopting the initial encryption mode, so as to obtain an adjusted encryption mode of the rest of the data groups;
The target attribute includes at least one attribute;
The decryption module is further configured to:
determining a target sensitivity range corresponding to each attribute in the target attributes, and determining whether each target sensitivity range is a preset lowest sensitivity range;
If each target sensitivity range is not the preset lowest sensitivity range, stopping the operation.
5. An electronic device comprising a memory for storing a computer program and a processor for calling and running the computer program stored in the memory, characterized in that the processor implements the steps of the method according to any of the preceding claims 1-3 when the computer program is executed.
6. A computer-readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the method according to any of the preceding claims 1 to 3.
CN202410269052.2A 2024-03-11 2024-03-11 Medical data sharing method, device, equipment and storage medium based on blockchain Active CN117874144B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410269052.2A CN117874144B (en) 2024-03-11 2024-03-11 Medical data sharing method, device, equipment and storage medium based on blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410269052.2A CN117874144B (en) 2024-03-11 2024-03-11 Medical data sharing method, device, equipment and storage medium based on blockchain

Publications (2)

Publication Number Publication Date
CN117874144A CN117874144A (en) 2024-04-12
CN117874144B true CN117874144B (en) 2024-05-28

Family

ID=90594880

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410269052.2A Active CN117874144B (en) 2024-03-11 2024-03-11 Medical data sharing method, device, equipment and storage medium based on blockchain

Country Status (1)

Country Link
CN (1) CN117874144B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108959945A (en) * 2018-07-06 2018-12-07 腾讯科技(深圳)有限公司 Medical data sharing method, device, computer-readable medium and electronic equipment
CN109326337A (en) * 2018-09-06 2019-02-12 西安电子科技大学 Electronic medical record storage and shared model and method based on block chain
CN111881481A (en) * 2020-08-05 2020-11-03 杭州翔毅科技有限公司 Block chain-based medical data processing method, device, equipment and storage medium
CN116303437A (en) * 2023-02-23 2023-06-23 桂林电子科技大学 Medical data hierarchical storage and sharing method based on block chain
CN116469501A (en) * 2023-03-09 2023-07-21 西安电子科技大学广州研究院 Electronic medical record sharing method, system, equipment and storage medium based on blockchain
CN117238458A (en) * 2023-09-14 2023-12-15 广东省第二人民医院(广东省卫生应急医院) Critical care cross-mechanism collaboration platform system based on cloud computing
CN117251850A (en) * 2023-10-20 2023-12-19 太原工业学院 Intelligent data sharing and monitoring method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108959945A (en) * 2018-07-06 2018-12-07 腾讯科技(深圳)有限公司 Medical data sharing method, device, computer-readable medium and electronic equipment
CN109326337A (en) * 2018-09-06 2019-02-12 西安电子科技大学 Electronic medical record storage and shared model and method based on block chain
CN111881481A (en) * 2020-08-05 2020-11-03 杭州翔毅科技有限公司 Block chain-based medical data processing method, device, equipment and storage medium
CN116303437A (en) * 2023-02-23 2023-06-23 桂林电子科技大学 Medical data hierarchical storage and sharing method based on block chain
CN116469501A (en) * 2023-03-09 2023-07-21 西安电子科技大学广州研究院 Electronic medical record sharing method, system, equipment and storage medium based on blockchain
CN117238458A (en) * 2023-09-14 2023-12-15 广东省第二人民医院(广东省卫生应急医院) Critical care cross-mechanism collaboration platform system based on cloud computing
CN117251850A (en) * 2023-10-20 2023-12-19 太原工业学院 Intelligent data sharing and monitoring method and system

Also Published As

Publication number Publication date
CN117874144A (en) 2024-04-12

Similar Documents

Publication Publication Date Title
US20190122753A1 (en) Method, apparatus and system for rendering and displaying medical images
CA2615292C (en) System and method for the protection and de-identification of health care data
WO2018176484A1 (en) Method and apparatus for processing medical image transmission data, and electronic device
Zhuang et al. Applying blockchain technology to enhance clinical trial recruitment
CN111079171A (en) Block chain-based medical data privacy protection method and storage medium
CN107194267B (en) Data processing method, data processing apparatus, and computer-readable storage medium
US20130318361A1 (en) Encrypting and storing biometric information on a storage device
US10164950B2 (en) Controlling access to clinical data analyzed by remote computing resources
CN110634544A (en) Medical record data processing method and device based on block chain, storage medium and equipment
CN110910978B (en) Information processing method and related device applied to blockchain network
EP2272021A1 (en) Secure data cache
US20200218826A1 (en) Data searching system, data searching method and computer readable medium
US10216940B2 (en) Systems, methods, apparatuses, and computer program products for truncated, encrypted searching of encrypted identifiers
CN112582070A (en) Providing and receiving medical data records
CN115694949A (en) Private data sharing method and system based on block chain
CN114528591A (en) Data management method, device, server and storage medium
WO2019095552A1 (en) Regional healthcare system and method for enhancing security and synergetic integration of electronic medical record
CN114826736A (en) Information sharing method, device, equipment and storage medium
CN113378224B (en) Medical image storage method, device, equipment and storage medium
CN113051622B (en) Index construction method, device, equipment and storage medium
CN113722731A (en) Medical data sharing method and device, electronic equipment and storage medium
WO2024104901A1 (en) Method and system for re-associating anonymised data with a data owner
CN112487461A (en) Data encryption method
CN117874144B (en) Medical data sharing method, device, equipment and storage medium based on blockchain
CN116361774A (en) Password cracking method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant